[prev in list] [next in list] [prev in thread] [next in thread] 

List:       isn
Subject:    [ISN] Inside knowledge likely in Target breach, experts say
From:       InfoSec News <alerts () infosecnews ! org>
Date:       2013-12-20 10:19:04
Message-ID: alpine.DEB.2.02.1312201018560.2157 () infosecnews ! org
[Download RAW message or body]

http://www.csoonline.com/article/744905/inside-knowledge-likely-in-target-breach-experts-say

By Antone Gonsalves
csoonline.com
December 19, 2013

The Target security breach that left millions of debit and credit card holders 
at risk of becoming victims of fraud left experts pondering the question of how 
such a massive theft might have occurred.

Theories varied, but the scant details released by the retailer Thursday left 
some experts believing the criminals had to have some inside knowledge of the 
company's point-of-sale system in order to compromise it so effectively.

Either people inside the organization were involved or, "at the very least, 
(the thieves) had sophisticated knowledge and a clear understanding of the 
cardholder data flows, in order to pinpoint where to steal this very specific 
data and then exfiltrate it," Mark Bower, director of information protection 
solutions at Voltage Security, said.

Target reported Thursday that card data, including customer name, credit or 
debit card number and the card's expiration date and CVV code, had been stolen 
from 40 million accounts used for shopping between Nov. 27 and Dec. 15. The CVV 
code is the three-digit security number found on the back of cards.

[...]



--
Find the best InfoSec talent without breaking your
IT recruiting budget! Save 50 percent off our normal
rate by using the discount code - XMAS2013
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/
[prev in list] [next in list] [prev in thread] [next in thread]